[virt-manager PATCH] domcapabilities: add md-clear to automatically enabled security features

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The bit is set when microcode provides the mechanism to invoke a flush
of various exploitable CPU buffers by invoking the VERW instruction.

CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 virtinst/domcapabilities.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py
index 8993822e..acc91f81 100644
--- a/virtinst/domcapabilities.py
+++ b/virtinst/domcapabilities.py
@@ -281,7 +281,8 @@ class DomainCapabilities(XMLBuilder):
                 'spec-ctrl',
                 'ssbd',
                 'ibpb',
-                'virt-ssbd']
+                'virt-ssbd',
+                'md-clear']
 
         if self._features:
             return self._features
-- 
2.21.0

_______________________________________________
virt-tools-list mailing list
virt-tools-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/virt-tools-list
[Index of Archives]     [Linux Virtualization]     [KVM Development]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux